
Adobe Reader X Flaw ‘Being Sold On Black Market For $50k’

Cyber crooks are thought to be selling a zero-day vulnerability in Adobe Reader X and packaging it up in the most prevalent exploit kit in the world – Blackhole.

Russian firm Group-IB claimed to have confirmed the Adobe Reader flaw earlier this week, and reports have suggested that the flaw is fetching between $30,000 and $50,000 on the black market. Because it is being distributed through the Blackhole Exploit Kit, some suspect the flaw is being used to serve up banking malware to unsuspecting Internet users.

Blackhole kits are typically served to users from infected websites, in what are known as drive-by download attacks. All that is required is for the target’s browser to load an iFrame.

Another Adobe flaw

As noted by Group-IB, however, the vulnerability can only be exploited after a user closes and then reopens the browser. The company did not explain why that was the case.

“Another variant is to organise interaction between the victim and the malformed PDF document. Either way, the vulnerability … has [a] very significant vector to be spread with bypassing of internal Adobe X sandbox, which is appealing for cyber crime gangs because in the past there was no documented method of how to bypass it with shellcode execution,” said Andrey Komarov, head of the international projects department at Group-IB.

Adobe said it is now in contact with Group-IB and is hoping to learn more from the Russian firm to determine whether the flaw is genuine.

“We are aware of the announcement from Group IB and have reached out to Group IB for additional information. We are now in communication with Group IB so we can make a determination whether or not this is in fact a vulnerability and a sandbox bypass,” a spokesperson told TechWeekEurope.

“Without additional details, and in particular a sample, there is nothing we can do, unfortunately, beyond continuing to monitor the threat landscape and working with our partners in the security community, as always. We will update you as soon as we have new information and a determination can be made.”

The company has had to deal with various vulnerabilities in its software over recent months, but has received plaudits for its quick response to flaws once they are found.

In September, it was working with close partner Microsoft to patch vulnerabilities in Flash Player for Windows 8. However, in August, Google researchers warned that Adobe had left patches for 16 serious flaws out of its Reader update, which could have left users open to attack.

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.
